(57) Abstract

A key generation system is implemented as follows. In an enrolment apparatus, a unique number for use with PIN operated machines
or public key cryptography system is generated by manipulation of fingerprint information of a subscriber. A filter is then generated which
is a function both of the Fourier transform of the subscriber's fingerprint(s) and of the unique number. This filter is stored on a subscriber
card. When the subscriber wishes to generate his key, he inputs his card to a card reader of an apparatus and places his finger(s) on a
fingerprint input. The apparatus generates an optical Fourier transform from the fingerprint input. The Fourier transform signal is incident
on to a spatial light modulator programmed with the filter information from the card. An inverse transform is generated from the filtered
signal and this is used to regenerate the key that will be used as the PIN in a PIN operated device, or as the private key in a public key
cryptography system.




PCT/CA95/00509

WO 96/08093

BIOMETRIC CONTROLLED KEY GENERATION

Background of the Invention

1. Field of the Invention

This invention relates to a system for generating a key under the control of
a biometric, such as a fingerprint. The system has application in a public key cryptographic
system and for devices requiring a personal identification number (PIN) for operation.



2. Description of the Related Art

In a public key cryptosystem, a plain text message may be encrypted by
inputting the message and an enciphering key to an encryption algorithm. To decipher the
message, the encrypted message is input to the inverse of the same algorithm along with
a deciphering key. As with many encryption techniques, the encryption algorithm effects
transformations of the plain text message which are so complicated it is computationally
infeasible to reverse the process even if the algorithm is known. A peculiarity of public
key systems is that it is also computationally infeasible to determine the deciphering key
from the enciphering key. Consequently, in a public key cryptosystem, both the algorithm
and the enciphering key may be made available to the public without jeopardising the
security of a message enciphered with the enciphering key. Hence the term "public key"
for the enciphering key. The deciphering key, which is confidential, is known as a "private
key". With a public key system, anyone who wishes to receive encrypted messages may
make an encryption algorithm and a public key freely available. Moreover, some public
key systems allow the transmission of a "digital signature" that prevents forgery of
messages by a receiver as well as a third party.

By way of example, with the known "knapsack" cryptosystem, a public key
is derived from a private key utilising modular arithmetic. Each element in the array
(vector) forming a private key is multiplied by a large prime number and divided by a
second large prime number, y. The corresponding element of the public key vector is the
remainder from this operation. In order to encrypt a plain text message, the message is
digitised and the digital string grouped into arrays (vectors) each having the same number
of elements as the number of elements in the array which comprises the public key. The
encrypted message is formed from the vector dot product of the public key vector with each
vector formed from the digitised plain text message.

Clearly the exemplary encryption technique and the technique for deriving 
a public key from a private key make it computationally infeasible to determine either the 
private key or the plain text message even though the algorithm, along with the encrypted 
text, is known. There are, however, known techniques for structuring a private key vector 
such that, with it, the plain text can be rapidly derived from an encrypted message. Two 
sample techniques in this regard are described in an article entitled "The Mathematics of 
Public-Key Cryptography" Scientific American August 1979, pages 146 to 157. 

The problem with such public key cryptographic systems is that, in use, they
require a secure, yet readily available, private key. The private key has to either be 
remembered, which is not practical, or stored in a secure place and retrieved. The security 
of storage therefore is at best dependent on password access which itself can be 
compromised. 

A number of devices, such as automated teller machines (ATMs) and 
symmetric encryption/decryption systems, require the entry of a PIN for operation. A PIN 
therefore acts as a private key which permits operation of such devices. Devices requiring 
a data key for operation share the same problem as identified for public key cryptographic 
systems: the data key must be secure and yet readily available. To mitigate this problem, 
PIN operated devices often utilize a short key which may be memorized by the user.
However, not all users do memorize their PIN and, in any event, use of a short PIN 
reduces the security of the PIN operated device. 

This invention seeks to overcome drawbacks of the known prior art and 
provide an extremely secure private key which is not even known by the user yet is readily 
accessible. 

Summary of the Invention

According to the present invention, there is provided a biometric controlled 
key generation system, comprising: a body part input for generating an optical information 
signal impressed with a biometric; Fourier transform means along a path of said optical 
information signal to obtain a Fourier transform representation of said information signal; 
a programmable filter responsive to said Fourier transform means for filtering said Fourier 
transform representation of said information signal to obtain a filtered Fourier transform 
representation; means for reading data from a data carrier storing filter information and for 
programming said programmable filter with said filter information data; inverse transform
means responsive to said filter to inverse Fourier transform said filtered Fourier transform
representation to obtain an inverse transform representation; key generating means
responsive to said inverse transform means for generating a private key.

According to another aspect of this invention, there is provided a method for
generating a private key, comprising the steps of: generating an optical information signal
impressed with a biometric; obtaining a Fourier transform representation of said information
signal; receiving a filter and filtering said Fourier transform representation of said
information signal with said filter to obtain a filtered Fourier transform representation;
obtaining an inverse Fourier transform representation of said filtered Fourier transform 
representation; generating a private key from said inverse transform representation. 

Brief Description of the Drawings 

In the figures which disclose example embodiments of the invention, 
figure 1 is a schematic diagram of an enrolment apparatus made in accordance with this
invention, 

figure 2 is a schematic diagram of an encrypting/decrypting apparatus made in accordance 
with this invention, 

figure 3 is a schematic diagram of a portion of figure 2, and 

figure 4 is a schematic diagram of a PIN generating apparatus made in accordance with this 
invention. 

Description of the Preferred Embodiments 

In the following, lower case letters represent functions in the "spatial
domain" and upper case letters represent the "Fourier transformed frequency domain".
Also, we use the following terminology: "Fourier transform" denotes a transformation from 
the spatial domain to the frequency domain, and "inverse Fourier transform" denotes a 
transformation from the frequency domain to the spatial domain. It should be noted that 
when the inverse Fourier transform is implemented optically (using a lens), the 
transformation is in fact equivalent to the Fourier transform. The consequence of this is 
that a coordinate reversal occurs in the resulting spatial domain. On the other hand, digital 
implementation of the inverse Fourier transform can be accomplished as mathematically 
defined, and so no such coordinate reversal occurs. However, both (optical and digital) 
implementations of the inverse Fourier transform can be used to produce the correlation 
operation which is required for this invention. 

An individual who wishes to use the encrypting and decrypting apparatus of
this invention is enrolled by way of enrolment apparatus 10 of figure 1. With reference to
figure 1, enrolment apparatus 10 comprises an input system 29 with a light source 30,
which may be a coherent source, an expander lens 31, and a collimator lens 33 to
illuminate a prism 35 with a beam 37. One face of the prism forms an input screen 28.
The individual to be enrolled places a finger (or fingers) 12 on the input screen. The input
system utilizes the principle of total internal reflection to read the pattern formed by the
furrows of the input fingerprint pattern. That is, a furrow will create an air space over the
surface of a glass screen, allowing light which is internally reflected from the interior
surface of the screen to proceed unimpeded. Ridges, however, will be in contact with the
surface, where they will scatter and absorb a portion of the illuminating light. This effect
is known as frustrated total internal reflection. In the result, the output beam 39 from the
prism is an information beam carrying the fingerprint pattern, p. The optical beam 39
inputs a lens 40 which images the fingerprint information onto an Image Capture and
Digitizer Device ICDD, 41, comprising a light detector array, an A/D converter and a
processor. The ICDD converts the optical fingerprint information beam into a two-dimensional
grey scale digital representation. The digital output 42 of the ICDD is input
to a unique filter generator 43 and to a unique number generator 44.

The unique number generator 44 generates an array of numbers. This may
be accomplished in any of a number of ways. For example, a Fourier transform of the
fingerprint information may be calculated to obtain the Fourier transform co-efficients of
the transform. Selected ones of these Fourier transform co-efficients may then be chosen
and combined to generate a number u. It will be apparent that this number u is unique to
the particular fingerprint(s) placed on the input screen. Alternatively, u can be generated
by a random number generator seeded with the selected Fourier transform co-efficients.
The unique number u is then used to generate an array of numbers g = {g_1, ..., g_n} such
that the values in the elements of g represent the unique number u. For example, if u is
a k-digit base 10 number and if in any subsequent measurement of the values g_1, ..., g_n, the
detecting instrument will have a known error in detection which only allows β distinct
values from 0 to m - 1 inclusive (m is the dynamic range of the detector), n would be
chosen to be the integer greater than or equal to log_β 10^k. The unique number u can then
be expanded into elements of g by using modulo division, i.e.:

$$g_1 = \text{Integer of } \frac{u}{\beta^{n-1}}$$

$$g_2 = \text{Integer of } \frac{u \bmod \beta^{n-1}}{\beta^{n-2}}$$

$$g_3 = \text{Integer of } \frac{(u \bmod \beta^{n-1}) \bmod \beta^{n-2}}{\beta^{n-3}} = \text{Integer of } \frac{u \bmod \beta^{n-2}}{\beta^{n-3}}$$

etc. The array, g, is input to the unique filter generator 43.

The unique filter generator 43 calculates the digital Fourier transform, P, of 
the fingerprint information and generates a two dimensional filter function, F, as follows. 
The mathematical multiplication of the fingerprint transform, P, with the filter, F, produces 
the two-dimensional light distribution S. F is generated so that the inverse Fourier 
transform of S, denoted by s, is equal to a series of n displaced delta-like functions δ_1, ...,
δ_n, where the square of the amplitude of δ_i is equal to the corresponding value g_i in
the array g. This may be represented mathematically by the following sets of equations
which for convenience will be described in one dimension:

Let p(x) be the input fingerprint pattern signal

P(u) be the complex Fourier transform of the signal, denoted by
|P(u)| exp(jφ(u)), where φ(u) is the phase of the Fourier transform

F(u) be the filter function
and s(x) be the output signal

We desire s(x) to have the following form:

$$s(x) = \sqrt{g_1}\,\delta(x - x_1) + \sqrt{g_2}\,\delta(x - x_2) + \cdots + \sqrt{g_n}\,\delta(x - x_n)$$

that is, n delta functions at positions x_1, x_2, ..., x_n and relative intensities
g_1, g_2, ..., g_n respectively.

Then,

$$S(u) = \int \sqrt{g_1}\,\delta(x - x_1)\exp(-j2\pi u x)\,dx + \int \sqrt{g_2}\,\delta(x - x_2)\exp(-j2\pi u x)\,dx + \cdots$$

Let x' = x - x_1, x'' = x - x_2, etc.

$$S(u) = \int \sqrt{g_1}\,\delta(x')\exp(-j2\pi u(x' + x_1))\,dx' + \int \sqrt{g_2}\,\delta(x'')\exp(-j2\pi u(x'' + x_2))\,dx'' + \cdots$$

$$= \sqrt{g_1}\exp(-j2\pi u x_1)\int \delta(x')\exp(-j2\pi u x')\,dx' + \sqrt{g_2}\exp(-j2\pi u x_2)\int \delta(x'')\exp(-j2\pi u x'')\,dx'' + \cdots$$

$$= \sqrt{g_1}\exp(-j2\pi u x_1) + \sqrt{g_2}\exp(-j2\pi u x_2) + \cdots$$

We require that

$$P(u) \cdot F(u) = S(u)$$

Thus,

$$F(u) = \frac{S(u)}{P(u)}$$

That is,

$$F(u) = \frac{\sqrt{g_1}\exp(-j2\pi u x_1) + \sqrt{g_2}\exp(-j2\pi u x_2) + \cdots + \sqrt{g_n}\exp(-j2\pi u x_n)}{|P(u)|\exp(j\phi(u))}$$

$$= \frac{\exp(-j\phi(u))}{|P(u)|}\left[\sqrt{g_1}\exp(-j2\pi u x_1) + \sqrt{g_2}\exp(-j2\pi u x_2) + \cdots\right]$$




In general |P(u)| = 0 will occur for some values of u, resulting in singularities in the above
expression for F(u). This problem is usually eliminated by imposing a magnitude constraint
on F(u), such that



where a is a constant that ensures that |F(u)| is normalized.

This complex-valued filter function, F, will be implemented on the available spatial light 
modulator using the methods described in the article "Optimal realizable filters and the 
minimum Euclidean distance principle," Richard D. Juday, Applied Optics, Vol. 32 pages 
5100-5111 (1993), or by other such methods. 



The unique filter generator outputs the values of the filter F to card storage device 22 on line 46.
The card storage device stores filter F on a storage medium (such as a magnetic strip or
smart card chip) of a card 20. Once this operation is accomplished, enrolment is complete 
and the individual leaves with card 20. 

A subscriber may communicate his public key or decrypt a message utilizing 
apparatus 70 of figure 2. Further, another may encrypt a message with apparatus 70. 

Turning to figure 2, apparatus 70 comprises an input system 129 with a laser
130, expander lens 131, collimator lens 133, and prism 135 which may be similar to the
input system 29 of figure 1. A correlator 142 is in the information beam path 139. The
correlator comprises a Fourier transforming lens 143, an electronically addressable
(programmable) spatial light modulator (SLM) 144 in the back focal plane of lens 143, and
an inverse Fourier transform lens 146. The output beam 147 from the correlator inputs
optical detector 148. Detector 148 inputs processor 80 on line 149. The processor also
receives an input from card reader 72 on line 78. The processor outputs to the SLM 144
on line 79, to a pseudo-random number generator 84, and to a public/private key generator
88 on line 82. The pseudo-random number generator outputs to the public/private key
generator which, in turn, outputs to a public key communicator 94 and, on line 92, to a
decryption/encryption system 96. The public/private key generator also receives an input
from public key receiver 95 and from keypad 74. The decryption/encryption system receives
an input from an input message store 98 and outputs to an output message store 100.

A subscriber who wishes to transmit his public key places the same finger or
fingers on the input screen 128 as were placed on the screen 28 (figure 1) during enrolment,
his card 20 in reader 72, and presses button 76 of keypad 74. This activates light source
130 and the resulting output beam 139 from the prism is an information beam carrying the
fingerprint pattern p'. The beam 139 carrying the spatial fingerprint information proceeds
into the correlator 142 and passes through the Fourier transform lens 143. The filter
information, F, stored on card 20 is read by reader 72 and input to processor 80. The
processor converts the incoming digital filter information signals to analog SLM drive
voltages. These drive voltages, which represent the filter information, are transferred into
the SLM 144 on line 79. The filter written on the SLM 144 modulates the fingerprint's
optical transform through a multiplicative method which is part of the optical correlation
operation which compares the subscriber's fingerprint(s) with those represented by the
encoded filter F stored on the subscriber's card. The output from the SLM 144 is an optical
signal S' whose similarity to the transform function S depends on the degree of correlation
between the input fingerprint(s) p' and the reference fingerprint(s) p used to construct the
filter F. If p and p' are the same fingerprint(s) then S' equals S. The optical signal 145
which comprises S' passes through the second transform lens 146 and onto the optical
detector 148 where its intensity distribution s' is detected. When p' equals p then s' will be
an intensity distribution representing g, the array of numbers which represent the unique
number u. The output of the optical detector 148 inputs the processor 80 which calculates
the unique number u from the array of numbers {g_1, ..., g_n}. If the error in detection by
detector 148 only allows β distinct values between 0 and m-1 inclusive, where m is the
dynamic range of the optical detector 148, we calculate:

$$g_i^* = g_i(\text{measured}) \cdot \frac{\beta}{m} \quad \text{and round to integers}$$

where 0 ≤ g_i* < β.

$$\text{Then } u = g_1^*\beta^{n-1} + g_2^*\beta^{n-2} + \cdots + g_n^*\beta^{0}$$

The number u then acts as the seed number which inputs pseudo-random
number generator 84. It is important to note that the pseudo-random number generator will
generate the same random numbers whenever it is input with the same seed, in this case u.
The random numbers derived by pseudo-random number generator 84 as well as u itself, on
line 82, input the key generator 88. The key generator utilizes known public-key
cryptographic techniques to derive a private key or a public key from these inputs. With
button 76 of keypad 74 depressed, the key generator is prompted to output the public key
on line 90 to public key communicator 94. Communicator 94 may simply be a display or
it could be a transmitter such as a modem which transmits the number to a sendee.

If a subscriber has an encrypted message he wants to decipher, he may utilize 
apparatus 70 to decrypt same, as follows. The encrypted message is input to input message 
store 98. Then the subscriber (receiver) inserts his card 20 in card reader 72, depresses 
button 79 of keypad 74, and places his finger(s) on input screen 128. As before, the
processor 80 generates the unique number u from the intensity distribution s' and this, along 
with the random numbers generated by random number generator 84 in response to the seed 
number u, input the key generator 88. In response to the prompt from button 79, the key 
generator utilizes these inputs to derive the private key. The private key then inputs 
decryption/encryption system 96 on line 92; the encrypted message stored in the input 
message store 98 also inputs system 96. The system 96 utilizes known public key 
cryptographic techniques to decrypt the message from these inputs. The decrypted message 
is then output to output message store 100 where it may be accessed by the subscriber. 

If the person using apparatus 70 was not the person whose fingerprints were
represented by the encoded filter F, then the optical signal S' derived from the multiplication
of the filter F from the card with the Fourier transform P' of that person's fingerprint(s) will
not equal S. This will mean that the unique number u' indirectly derived from S' will not
be equivalent to u. Consequently the key generated by the private/public key generator 88
will not decrypt the encrypted message.
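
The enrolment and regeneration steps described above, sketched digitally in one dimension as an added example (not code from the patent): the filter is computed as F = S/P and a live sample is then correlated against it. The sample signals, the peak positions, β = 8, m = 256 and the scaling of each digit to an intensity of digit·m/β are assumptions of this example, and the magnitude constraint on F is not modelled.

```python
import cmath
import random

N = 64                        # samples in a constructed 1-D "fingerprint" row
BETA = 8                      # levels the detector can tell apart (the page's beta)
M = 256                       # detector dynamic range m (assumed value)
PEAKS = [5, 17, 29, 41, 53]   # assumed peak positions x_1..x_n, so n = 5


def dft(x, sign=-1):
    """Direct O(N^2) discrete Fourier transform; sign=+1 gives the unscaled inverse."""
    n = len(x)
    return [sum(x[k] * cmath.exp(sign * 2j * cmath.pi * f * k / n) for k in range(n))
            for f in range(n)]


def to_digits(u, base, n):
    """Digits of u in `base`, most significant first, by modulo division."""
    if not 0 <= u < base ** n:
        raise ValueError("u does not fit in n digits")
    return [(u % base ** (n - i)) // base ** (n - i - 1) for i in range(n)]


def from_digits(digits, base):
    u = 0
    for d in digits:
        u = u * base + d
    return u


def enrol(p, u):
    """Return (F, reference): F = S/P plus the absolute intensity of the first peak."""
    g = [d * M // BETA for d in to_digits(u, BETA, len(PEAKS))]   # intensities g_i
    s = [0j] * N
    for x_i, g_i in zip(PEAKS, g):
        s[x_i] = g_i ** 0.5          # amplitude sqrt(g_i), so |s(x_i)|^2 = g_i
    S, P = dft(s), dft(p)
    if min(abs(v) for v in P) < 1e-9:
        raise ValueError("|P| = 0 at some frequency; a magnitude constraint is needed")
    return [S_f / P_f for S_f, P_f in zip(S, P)], g[0]


def regenerate(p_live, F, reference=None):
    """Correlate a live sample with the card's filter and read u off the peaks."""
    filtered = [P_f * F_f for P_f, F_f in zip(dft(p_live), F)]
    s_out = [v / N for v in dft(filtered, sign=+1)]
    measured = [abs(s_out[x]) ** 2 for x in PEAKS]
    if reference is not None and measured[0] > 0:
        scale = reference / measured[0]      # rescale from the stored absolute value
        measured = [v * scale for v in measured]
    digits = [min(BETA - 1, round(v * BETA / M)) for v in measured]
    return from_digits(digits, BETA)


def sample(seed):
    """Constructed stand-in for one row of a grey-scale fingerprint image."""
    rng = random.Random(seed)
    return [rng.random() for _ in range(N)]


def demo():
    u = 13069                                  # digits 3,1,4,1,5 in base 8
    subscriber, other = sample(1), sample(2)
    F, reference = enrol(subscriber, u)
    dim = [0.5 * v for v in subscriber]        # same finger, attenuated signal
    return {
        "genuine": regenerate(subscriber, F),
        "impostor": regenerate(other, F),
        "dim": regenerate(dim, F),
        "dim_rescaled": regenerate(dim, F, reference),
    }


if __name__ == "__main__":
    print(demo())
```

The attenuated sample decodes to a different number until one stored absolute peak value is used to rescale the measured intensities.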

An individual may send a subscriber an encrypted message utilizing apparatus 
70 in the following manner. The individual stores a plain text message in input message 
store 98, depresses button 77 of operator input 74 and inputs the public key of the subscriber 
to public key receiver 95. This prompts the key generator 88 to directly input the public 
key from public key receiver 95 to the decryption/encryption system 96. The system 96 
uses this key in encrypting the plain text message and outputs the encrypted message to 
output message store 100. The individual may then transmit the encrypted message to the 
subscriber in any non-secure manner. (It may be noted that the fingerprint and card reading 
subsystems of apparatus 70 are inactive when button 77 is pressed.) 

It will be apparent that the system of this invention allows the use of public 
key encryption techniques without a subscriber knowing his private key. This enhances the 
security of the system. Yet further a lost card could not be used by a third party in 
apparatus 70 because the unique number u is only recoverable by inputting the subscriber's 
fingerprint. 

Another advantage of the subject system is that the subscriber need not know 
his public key as it may be easily generated with the system of the invention. Furthermore, 
if an unauthorized individual broke in to an apparatus 70 of figure 2, he would have no way 
of determining the manner for generation of u since this number is only generated in the 
enrolment devices of figure 1 and is unique to each individual. 

The robustness of the system of the present invention may be enhanced as
follows. In the enrolment apparatus 10 of figure 1, the absolute value of one point of g =
{g_1, ..., g_n}, for example g_1, may be stored on card 20. If this is done, then the processor
circuit 80 of figure 2 may compare the intensity of this same point in the g function
generated by optical correlator 142 with that point stored on the card and scale the elements
of g from correlator 142 accordingly. This will reduce the effect of the "noise" present in
apparatus 70. For example, dirt or oil on the input screen 128 could reduce the absolute
intensity of g. However, the relative intensities of the delta functions would be preserved.
The absolute value could then be recovered by comparing one point of g generated by
correlator 142 with that same point of g which is stored in absolute form on card 20.

In another embodiment of the invention, the unique number, u, is related to 
the location of peaks in the correlator output, rather than their relative intensities as 
considered so far. In this embodiment the filter F is designed to produce a series of equal- 
intensity peaks at the correlation plane detector. The peak locations are carefully controlled 
so that they occur within a grid of p by q cells on the detector. When n such series of peaks 
are displayed sequentially, the unique number u can be reproduced, using only the peak 
location information. 

In this embodiment an individual will be enrolled using the following
procedure. With reference to figure 1, the individual will place their finger(s) on the input
screen 28. As before, the fingerprint information is input to the ICDD 41. The digital
output 42 of the ICDD is input to the unique filter generator 43 and to the unique number 
generator 44. The unique number generator 44 will assign the subscriber a unique number 
u as previously described. Then, the unique number generator 44 determines an array b 
which is related to the unique number u by the following relationship: 

$$u = f(b, w)$$

where w is a constant for any specified number of peaks (t) and size of grid (p by q) as
described hereinafter. For reasons which will also be apparent hereinafter, a convenient
choice for the function is:

$$u = b_1 w^{n-1} + b_2 w^{n-2} + \cdots + b_{n-1} w^{1} + b_n w^{0}$$

Thus, the coefficients b_1, b_2 ... b_n which determine the unique number u can be evaluated
using modular arithmetic as follows:

$$b_1 = \text{Integer of } \frac{u}{w^{n-1}}$$

$$b_2 = \text{Integer of } \frac{u \bmod w^{n-1}}{w^{n-2}}$$

$$\vdots$$

$$b_{n-1} = \text{Integer of } \frac{u \bmod w^{2}}{w^{1}}$$

$$b_n = \text{Integer of } \frac{u \bmod w}{w^{0}}$$

The unique number generator 44 then assigns each value of b_j to one of the
possible permutations of arranging t peaks in a grid of p by q cells. One of the peaks is
always located in the upper left cell of the grid, to serve as a reference peak. The number
of permutations of locating the remaining t-1 peaks in the p·q-1 cells is given by w, where:

$$w = \frac{(p \cdot q - 1)!}{(t - 1)!\,(p \cdot q - t)!}$$

Thus, it is clear that each coefficient b_j has a value between 0 and w-1
inclusive. The assignment of the value of b_j to a particular pattern of peak locations is
accomplished by using a randomised look-up table in the filter generator which relates every
possible value of b_j (i.e. from 0 to w-1) to a unique permutation of peak locations in the
grid. Thus, a two-way relationship between the value of b_j and the relative locations of
peaks in the grid is established. Clearly then, if the subscriber can later reproduce the
pattern of peaks in such a grid using the apparatus 70 of figure 2, then the unique number
u can be regenerated and thus the subscriber can proceed. Note however, that because of
the randomised look-up table, even if a pattern of peaks were discerned, it would bear no
relationship to the corresponding value of the element of b unless the look-up were known.

The required locations of the peaks for each element, b_j, of b are input to the
unique filter generator from the unique number generator. The unique filter generator
calculates the filter, so that when the correct fingerprint (or fingerprints), p, is input to
apparatus 70 of figure 2, the output function, s_j, is the specified arrangement of
equal-intensity peaks. This calculation uses the Fourier transform of the subscriber's fingerprint(s),
P, and the same approach as described previously, with the exception that all of the
delta-like functions are assigned the same peak height, and their relative locations are determined
by b_j. (Therefore, in one dimension,

$$s_j = \delta(x - x_1) + \delta(x - x_2) + \cdots + \delta(x - x_t)$$

where x_1, x_2, ..., x_t are determined by the look-up table of peak locations for b_j.) Note that
n such filters, F_1, F_2, ..., F_n, corresponding to b_1, b_2, ..., b_n, will be required to determine all the
elements of b. The n filters are generated in this manner, and are then stored on the card
20. Thus, the enrolment process is completed and the user retains the card 20.

Where the subscriber to the system wishes to regenerate the unique number, 
u, to produce the private or public key, the following procedure is adopted. Turning to 
figure 2, when a subscriber places his finger(s) on the input 128 of apparatus 70, inserts his 
card 20 in the reader 72, and presses button 76 (to display his public key) or 79 (to decrypt 
a message), the processor causes the n filters from the card 20 to be transferred sequentially 
to the SLM 144 on line 79. A given filter, Fj, is multiplied in the correlator 142 with the 
Fourier transform, P, of the subscriber's fingerprint(s). The inverse Fourier transform of the 
result, which is the function Sj, is displayed on the correlation plane detector 148. With 
reference to figure 3, which schematically illustrates a portion of figure 2, the location of 
the first peak 150 in the detector 148 is determined by scanning across the detector from 
upper left to the bottom right. This first peak is considered to be the reference peak, and 
its position defines the grid 151 of p by q detection cells in the correlation plane detector, 
with the reference peak occupying the upper left cell in this grid. The detector output is 
then scanned over the area of the grid 151 and the locations of the other t-1 peaks are 
determined. Each of the t-1 peaks occupies a unique cell in the grid and the position of 
each is communicated to the processor 80 on line 149. The processor determines the 
element bj of the vector b from the pattern of peaks by referring to the same randomised 
look-up table as used in the unique filter generator 43. The next filter, is then written 
to the SLM and thus the next element of b is determined and so on, until the entire array, 
b, is generated.

Since each element b_j will have w possible values, b is, in effect, a number
in base w. It is for this reason that

$$u = f(b, w)$$

is chosen as

$$u = b_1 w^{n-1} + b_2 w^{n-2} + \cdots + b_{n-1} w^{1} + b_n w^{0}$$

because this equation converts the n elements of b from base w to base 10 which is more
suitable for communication purposes. Thus, the unique number u is recreated using the
apparatus 70 of figure 2, and can be input to the pseudo-random number generator.

In the example shown in figure 3, t=4 (there are 4 peaks), p=q=4 (a 4x4
detection grid is defined), and n=4 (4 filters are displayed sequentially). Thus in this
example, the unique number u would be capable of representing 455^4 or 4.3x10^10 values.
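
The peak-location encoding above, worked through for the figure 3 parameters as an added example (not code from the patent): u is split into n base-w digits, each digit is mapped through a randomised table to a pattern of t peaks, and the patterns are read back by a threshold-only search. The table seed, the detector frame size, the peak heights and the threshold are constructed for illustration.

```python
import itertools
import math
import random

P, Q, T, N = 4, 4, 4, 4      # figure 3 example: 4x4 grid, t = 4 peaks, n = 4 filters


def pattern_count(p, q, t):
    """w: ways to place the t-1 non-reference peaks in the p*q-1 remaining cells."""
    return math.comb(p * q - 1, t - 1)


def build_lookup(p, q, t, table_seed):
    """Randomised two-way table between a value b_j in [0, w) and a peak pattern.

    Cells are numbered row-major; cell 0 (upper left) always holds the reference
    peak. table_seed stands in for however the table is randomised (assumption).
    """
    patterns = [(0,) + rest for rest in itertools.combinations(range(1, p * q), t - 1)]
    random.Random(table_seed).shuffle(patterns)
    return patterns, {pattern: b for b, pattern in enumerate(patterns)}


def encode(u, n, w, value_to_pattern):
    """Split u into n base-w digits b_1..b_n and map each to its peak pattern."""
    if not 0 <= u < w ** n:
        raise ValueError("u exceeds the w**n values this grid can represent")
    digits = [(u % w ** (n - j)) // w ** (n - j - 1) for j in range(n)]
    return [value_to_pattern[b] for b in digits]


def render(pattern, q, offset, heights, rows=7, cols=8):
    """Constructed detector frame with the pattern placed at `offset`."""
    frame = [[0.02] * cols for _ in range(rows)]          # low background level
    for cell, height in zip(pattern, heights):
        r, c = divmod(cell, q)
        frame[offset[0] + r][offset[1] + c] = height
    return frame


def read_grid(frame, p, q, t, threshold=0.5):
    """Binary peak search: return the pattern of occupied cells, or None."""
    hits = [(r, c) for r, row in enumerate(frame)
            for c, v in enumerate(row) if v >= threshold]
    if len(hits) != t:
        return None                       # missing or spurious peaks: refuse to decode
    r0, c0 = hits[0]                      # first hit in the raster scan is the reference
    cells = []
    for r, c in hits:
        dr, dc = r - r0, c - c0
        if not (0 <= dr < p and 0 <= dc < q):
            return None                   # a peak outside the p-by-q grid
        cells.append(dr * q + dc)
    return tuple(sorted(cells))


def regenerate(frames, p, q, t, w, pattern_to_value):
    """Rebuild u = b_1*w^(n-1) + ... + b_n*w^0 from the n sequential frames."""
    u = 0
    for frame in frames:
        pattern = read_grid(frame, p, q, t)
        if pattern is None:
            return None
        u = u * w + pattern_to_value[pattern]
    return u


def demo():
    w = pattern_count(P, Q, T)
    value_to_pattern, pattern_to_value = build_lookup(P, Q, T, table_seed=2024)
    u = 31_415_926_535                                   # constructed sample value
    patterns = encode(u, N, w, value_to_pattern)
    offsets = [(0, 0), (2, 3), (3, 4), (1, 1)]           # the grid may sit anywhere
    frames = [render(pat, Q, off, [1.0, 0.6, 0.9, 0.7])  # unequal heights still decode
              for pat, off in zip(patterns, offsets)]
    weak = [render(pat, Q, off, [1.0, 0.6, 0.3, 0.7])    # one peak under threshold
            for pat, off in zip(patterns, offsets)]
    return {
        "w": w,
        "capacity": w ** N,
        "recovered": regenerate(frames, P, Q, T, w, pattern_to_value),
        "weak": regenerate(weak, P, Q, T, w, pattern_to_value),
    }


if __name__ == "__main__":
    print(demo())
```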

This embodiment of the invention has the advantage of requiring only a
binary search for correlation peaks, without regard to their intensity. It will thus be more
resistant to any variations in the correlation peak heights caused by the correlator system
noise.



A further embodiment of the invention would use the combination of peak
height and location to generate the unique number, u, using the procedures described herein.

A subscriber may use his card created with the enrolment device of figure 1
to operate a PIN operated device, such as an ATM or a symmetric encryption/decryption
system, utilizing apparatus 270 of figure 4. With regard to figure 1, the PIN may be derived
from the unique number generator 44 or can be chosen by the system user 50.

Turning to figure 4 in which like parts to those appearing in figure 2 have
been given like numbers, apparatus 270 comprises an input system 129 with a laser 130,
expander lens 131, collimator lens 133, and prism 135. A correlator 142 is in the
information beam path 139. The correlator comprises a Fourier transforming lens 143, an
electronically addressable (programmable) spatial light modulator (SLM) 144 in the back
focal plane of lens 143, and an inverse Fourier transform lens 146. The output beam 147
from the correlator inputs optical detector 148. Detector 148 inputs processor 80 on line
149. The processor also receives an input from card reader 72 on line 78. The processor
outputs to the SLM 144 on line 79 and to a PIN operated device 200 on line 282.

A subscriber who wishes to use the PIN operated device places the same 
finger or fingers on the input screen 128 as were placed on the screen 28 (figure 1) during 
enrolment and his card 20 in reader 72. This activates light source 130 and the resulting 
output beam 139 from the prism is an information beam carrying the fingerprint pattern p'. 
The beam 139 carrying the spatial fingerprint information proceeds into the correlator 142 
and passes through the Fourier transform lens 143. The filter information, F, stored on card 
20 is read by reader 72 and input to processor 80. The processor converts the incoming 
digital filter information signals to analog SLM drive voltages. These drive voltages, which 
represent the filter information, are transferred into the SLM 144 on line 79. The filter 
written on the SLM 144 modulates the fingerprint's optical transform through a 
multiplicative method which is part of the optical correlation operation which compares the 
subscriber's fingerprint(s) with those represented by the encoded filter F stored on the 
subscriber's card. The output from the SLM 144 is an optical signal S' whose similarity to 
the transform function S depends on the degree of correlation between the input 
fingerprint(s) p' and the reference fingerprint(s) p used to construct the filter F. If p and p' 
are the same fingerprint(s) then S' equals S. The optical signal 145 which comprises S' 
passes through the second transform lens 146 and onto the optical detector 148 where its 
intensity distribution s' is detected. When p' equals p then s' will be an intensity distribution 
equal to g, the array of numbers which represent the unique number u. The output of the 
optical detector 148 inputs the processor 80 which calculates the unique number u from the 
array of numbers {g_1, ..., g_n}. If error in detection by detector 148 only allows p distinct 
values between 0 and m-1 inclusive, where m is the dynamic range of the optical detector 
148, we calculate: 

g_i* = g_i(measured) . (p/m) and round to integers 

where 0 ≤ g_i* < p. 

Then u = g_1* p^{n-1} + g_2* p^{n-2} + ... + g_n* p^{0} 

The number u then acts as the PIN (private key) for operating the PIN 
operated device 200. Thus, the fingerprint of an authorised user will recover his PIN from 
his card without need for the user to know his PIN. On the other hand, because the PIN is 
secured by the fingerprint, the user may choose his/her own PIN for use with the PIN 
operated system. 

The unique number u can also be generated using peak locations in the output 
of the correlator as described in a previous embodiment. 

It will be apparent to those skilled in the art that input systems other than 
system 29 of figure 1 and 129 of figures 2 and 4 are available in order to produce a 
fingerprint information beam. Some of these other systems do not require a laser. 

While it is preferred that the input to the input system is the fingerprint(s) of 
a user, the input system could be adapted to produce an optical signal impressed with 
characteristics from other body parts, such as a user's hand or iris. Indeed, any body part 
which has a unique signature comprises a biometric which may be suitable for use within 
the spirit of this invention. 

While the systems of figures 2 and 4 have been described in conjunction with 
an optical correlator 142, it will be apparent to those skilled in the art that the correlator may 
be implemented digitally. 
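
An added example, not part of the patent text: a one-dimensional digital simulation of the enrolment and key regeneration steps described above, with the filter built as in claim 41 (Fourier transform of the weighted impulse array divided by the Fourier transform of the reference signal). The sample signals, the PIN 4071, the function and variable names, and the use of magnitude as the detector reading are assumptions made for illustration.

```python
import cmath

def dft(x, inverse=False):
    """Naive O(N^2) discrete Fourier transform; enough for a short demo signal."""
    n = len(x)
    sign = 1 if inverse else -1
    out = [sum(x[t] * cmath.exp(sign * 2j * cmath.pi * k * t / n) for t in range(n))
           for k in range(n)]
    return [v / n for v in out] if inverse else out

def to_digits(u, base, n):
    """Write u as n digits in the given base, most significant first (g_1 .. g_n)."""
    if not 0 <= u < base ** n:
        raise ValueError("u does not fit in n digits of this base")
    return [(u // base ** (n - 1 - i)) % base for i in range(n)]

def from_digits(digits, base):
    """u = g_1*base^(n-1) + g_2*base^(n-2) + ... + g_n*base^0, in Horner form."""
    u = 0
    for d in digits:
        u = u * base + d
    return u

def enrol(p, u, n, levels, m):
    """Enrolment: F = FT(g) / FT(p), where g is the weighted impulse array for u."""
    # Each digit becomes an impulse amplitude inside the detector range 0 .. m-1.
    g = [d * m / levels for d in to_digits(u, levels, n)]
    g += [0.0] * (len(p) - n)                  # pad to the signal length
    P = dft(p)
    if min(abs(v) for v in P) < 1e-9:
        raise ValueError("reference transform has a zero bin; F is undefined")
    return [Gk / Pk for Gk, Pk in zip(dft(g), P)]

def regenerate(p_live, F, n, levels, m):
    """Regeneration: s' = IFT(FT(p') * F), quantise each reading, rebuild u."""
    s = dft([Pk * Fk for Pk, Fk in zip(dft(p_live), F)], inverse=True)
    digits = []
    for v in s[:n]:
        measured = min(abs(v), m - 1)          # assumption: magnitude is the reading
        # Scale the reading to `levels` distinct values and round, then clamp.
        digits.append(min(round(measured * levels / m), levels - 1))
    return from_digits(digits, levels)

# Constructed sample data (not from the patent): 8-sample stand-ins for p and p'.
P_REF = [3, 1, 4, 1, 5, 9, 2, 6]
P_OTHER = [9, 4, 5, 5, 6, 14, 11, 8]
LEVELS, M, N_DIGITS, PIN = 10, 256, 4, 4071

# What would be stored on the subscriber card.
CARD_FILTER = enrol(P_REF, PIN, N_DIGITS, LEVELS, M)

if __name__ == "__main__":
    print(regenerate(P_REF, CARD_FILTER, N_DIGITS, LEVELS, M))
    print(regenerate(P_OTHER, CARD_FILTER, N_DIGITS, LEVELS, M))
```

The same from_digits routine covers the peak-location embodiment: with w=455 and n=4 it spans 455^4 values.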

Other modifications will be apparent to those skilled in the art and, 
accordingly, the invention is defined in the claims. 

WHAT IS CLAIMED IS: 



1. A biometric controlled key generation system, comprising: 

- a body part input for generating an optical information signal impressed with a biometric 
from a body part; 

- Fourier transform means along a path of said optical information signal to obtain a Fourier 
transform representation of said information signal; 

- a programmable filter responsive to said Fourier transform means for filtering said Fourier 
transform representation of said information signal to obtain a filtered Fourier transform 
representation; 

- means for reading data from a data carrier storing filter information and for programming 
said programmable filter with said filter information data; 

- inverse transform means responsive to said filter to inverse Fourier transform said filtered 
Fourier transform representation to obtain an inverse transform representation; 

- key generating means responsive to said inverse transform means for generating a private 
key. 

2. The key generation system of claim 1 wherein said key generating means comprises 
means to generate a seed number from said inverse transform representation, a pseudo- 
random number generator responsive to said seed number generator, and a key generator 
responsive to said pseudo-random number generator and said seed number generator. 

3. The key generation system of claim 2 including means for storing filter information on 
said data carrier, comprising: 

- a further body part input for generating a further optical information signal impressed with 
a biometric from said body part; 

- image based seed number generation means to generate said seed number based on said 
further optical information signal; 

- means to generate an array based on said seed number; 

- means for obtaining a Fourier transform of said further optical information signal; 

- means for generating filter information based on said Fourier transform of said further 
optical information signal and said array; and 

- means for storing said filter information on said data carrier. 

4. The key generation system of claim 3 wherein said body part input comprises a 
fingerprint input for receiving at least one finger of a user. 

5. The key generation system of claim 4 wherein said data reading means comprises a card 
reader. 

6. The key generation system of claim 5 wherein said Fourier transform means comprises 
a Fourier transform lens, said programmable filter comprises a programmable spatial light 
modulator, and said inverse transform means comprises a lens. 

7. The key generation system of claim 3 wherein said data reading means is also for reading 
data from a data carrier storing an indication of an intensity of a component of an inverse 
Fourier transform and wherein said seed number generator is responsive to said data reading 
means to generate a seed number from said intensity indication as well as from said inverse 
transform. 

8. The key generation system of claim 1 wherein said programmable filter is a spatial light 
modulator. 

9. The key generation system of claim 2 including means for storing filter information on 
said data carrier, comprising: 

- a second body part input for generating a second optical information signal along a path 
impressed with characteristics of a second body part; 

- means to detect said second optical information signal; 

- means responsive to said detection means to generate a second seed number and an array 
based on said second seed number; 

- means responsive to said detection means and said second seed number and array 
generation means for generating filter information; and 

- means for storing said filter information on said data carrier, 

whereby said seed number and said second seed number are identical when said body part 
and said second body part are identical. 

10. The key generation system of claim 1 comprising: 
- a sensor to sense said filtered Fourier transform representation, and wherein: 

- said data reading means is a card reader; 

- said key generating means comprises a pseudo-random number generator, a private key 
generator connected to an output from said pseudo-random number generator, and a seed 
generator, said seed generator connected to (i) an output from said card reader (ii) an output 
from said sensor, (iii) an input to said pseudo-random number generator, and (iv) an input 
to said private key generator. 

11. The key generation system of claim 1, adapted for use as a public key cryptographic 
system comprising user controlled selection means and wherein said key generating means 
is responsive to said selection means for selectively generating one of said private key for 
decrypting a message and a public key for encrypting a message. 

12. The key generation system of claim 11 including a public key decryption system for 
storing an encrypted message and, responsive to any private key generated by said key 
generating means, for attempting to decrypt said encrypted message with said private key. 

13. The key generation system of claim 12 including public key input means for direct 
input of a public key to a public key encryption system, said public key encryption system 
for storing a plain text message and, responsive to any public key input to said public key 
input means, for encrypting said plain text message with said public key. 

14. A method for generating a private key, comprising the steps of: 

- generating an optical information signal impressed with a biometric; 

- obtaining a Fourier transform representation of said information signal; 

- receiving a filter and filtering said Fourier transform representation of said information 
signal with said filter to obtain a filtered Fourier transform representation; 

- obtaining an inverse Fourier transform representation of said filtered Fourier transform 
representation; 

- generating a private key from said inverse transform representation. 

15. The method of claim 14 including the step of utilising said private key for decrypting 
a public key encrypted message. 

16. The method of claim 14 wherein the step of generating a private key from said 
inverse transform representation comprises the steps of: 

- generating a seed number from said inverse transform representation; 

- generating a pseudo-random number responsive to said seed number; and 

- generating a private key responsive to said seed number and said pseudo-random number. 

17. The method of claim 16 wherein the step of receiving a filter comprises receiving 
a filter constructed from the steps of: 

- generating a further optical information signal impressed with said biometric; 

- generating said seed number based on said further optical information signal; 

- generating an array based on said seed number; 

- obtaining a Fourier transform of said further optical information signal; and 

- generating a filter based on said Fourier transform of said further optical information signal 
and said array. 

new claims 18-43 added; remaining claims unchanged (6 pages)] 

18. A biometric controlled key generation system, comprising: 

- a body part input for generating an information signal impressed with a biometric from 
a body part; 

- means for reading comparison data from a data carrier, said comparison data 
comprising private key data encrypted by biometric data; and 

- means for comparing said information signal with said comparison data for recovering 
said private key data from said comparison data. 



19. A biometric controlled private key encoding system, comprising: 

- a body part input for generating an information signal impressed with a biometric from 
a body part; 

- means to generate a function based on one of said private key and a unique number 
from which said private key may be derived; 

- means to generate biometric data from said information signal; 

- means to encrypt said function with said biometric data to generate comparison data; 
and 

- means for storing said comparison data on a data carrier. 

20. The key generation system of claim 18 including means for storing said comparison 
data on said data carrier, comprising: 

- a further body part input for generating a further information signal impressed with a 
biometric from said body part; 

- means to generate a function based on one of said private key and a unique number 
from which said private key may be derived, said array comprising said private key data; 

- means to generate biometric data from said further information signal; 

- means to encrypt said array with said biometric data to generate said comparison data; 
and 

- means for storing said comparison data on said data carrier. 

21. The key generation system of claim 20 including key generating means for generating 
a private key from said private key data. 

22. The key generation system of claim 21 wherein said means to generate a function is 
based on said unique number and wherein said key generating means comprises means 
to recover said unique number from said private key data, and including a pseudo-random 
number generator responsive to said private key data and a key generator responsive to 
said pseudo-random number generator and said means to recover said unique number. 

23. The key generation system of claim 18 wherein said body part input for generating 
an information signal comprises optical means for generating an optical information signal 
and wherein said means for comparing comprises Fourier transform means to obtain a 
Fourier transform representation of said optical information signal. 

24. The key generation system of claim 23 wherein said Fourier transform means 
comprises optical transform means along a path of said optical information signal and 
wherein said means for comparing includes (i) a programmable filter responsive to said 
optical transform means for filtering said Fourier transform representation of said 
information signal to obtain a filtered Fourier transform representation, (ii) means for 
programming said filter with said comparison data, and (iii) inverse transform means 
responsive to said filter to inverse Fourier transform said filtered Fourier transform 
representation to obtain an inverse transform representation, and including key generating 
means responsive to said inverse transform means for generating a private key from said 
private key data. 

25. The key generation system of claim 22 wherein said means for comparing comprises 
Fourier transform means to obtain a Fourier transform representation of said information 
signal. 

26. The key generation system of claim 25 wherein said Fourier transform means 
comprises transform means along a path of said information signal and wherein said 
means for comparing includes (i) a programmable filter responsive to said transform 
means for filtering said Fourier transform representation of said information signal to 
obtain a filtered Fourier transform representation, (ii) means for programming said filter 
with said comparison data, and (iii) inverse transform means responsive to said filter to 
inverse Fourier transform said filtered Fourier transform representation to obtain an 
inverse transform representation, said key generating means being responsive to said 
inverse transform means. 

27. The key generation system of claim 26 including means to obtain one of said private 
key and a unique number from which said private key may be derived from said further 
information signal and wherein said means to generate biometric data from said further 
information signal comprises means for generating a Fourier transform of said further 
information signal. 

28. The key generation means of claim 27 wherein said means for reading comparison 
data is also for reading comparison data from a data carrier storing an indication of an 
intensity of a component of an inverse Fourier transform and wherein said means for 
comparing is responsive to said data reading means to recover private key data based on 
said intensity indication as well as based on said inverse transform. 

29. A method for generating a private key, comprising the steps of: 

- generating an information signal impressed with a biometric; 

- reading comparison data from a data carrier, said comparison data comprising private 
key data encrypted with biometric data; and 

- comparing said information signal with said comparison data for recovering said private 
key data from said comparison data. 

30. A method for encoding a private key, comprising the steps of: 

(a) generating an information signal impressed with a biometric from a body part; 

(b) obtaining function generation data comprising one of a private key and a unique 
number from which said private key may be derived; 

(c) generating an array based on step (b); 

(d) generating biometric data from said information signal; 

(e) encrypting said function with said biometric data to generate said comparison data; 
and 

(f) storing said comparison data on said data carrier. 

31. The method of claim 29 including the steps of: 

(a) generating a further information signal impressed with a biometric from said body 
part; 

(b) obtaining function generation data comprising one of said private key and a unique 
number from which said private key may be derived; 

(c) generating a function based on step (b); 

(d) generating biometric data from said further information signal; 

(e) encrypting said function with said biometric data to generate said comparison data; 
and 

(f) storing said comparison data on said data carrier. 

32. The method of claim 31 wherein step (b) comprises obtaining said unique number and 
including the step of pseudo-randomly generating a private key based on said unique 
number. 

33. The method of claim 29 wherein said step of comparing comprises obtaining a 
Fourier transform representation of said information signal. 

34. The method of claim 33 wherein said step of obtaining a Fourier transform comprises 
transforming said information signal and wherein said step of comparing includes (i) 
filtering said Fourier transform representation of said information signal with a filter 
programmed with said comparison data to obtain a filtered Fourier transform 
representation, and (ii) inverse Fourier transforming said filtered Fourier transform 
representation to obtain an inverse transform representation, said step of generating a key 
utilising said inverse transform. 

35. The method of claim 31 wherein said step of comparing comprises obtaining a 
Fourier transform representation of said information signal. 

36. The method of claim 35 wherein said step of obtaining a Fourier transform comprises 
transforming said information signal and wherein said step of comparing includes (i) 
filtering said Fourier transform representation of said information signal with a filter 
programmed with said comparison data to obtain a filtered Fourier transform 
representation, and (ii) inverse Fourier transforming said filtered Fourier transform 
representation to obtain an inverse transform representation, said step of generating a key 
utilising said inverse transform. 

37. The method of claim 35 including the step of obtaining one of said private key and 
a unique number from which said private key may be derived from said further 
information signal and wherein said step of generating biometric data from said further 
information signal comprises generating a Fourier transform of said further information 
signal. 

38. The key generation means of claim 37 wherein said step of reading comparison data 
comprises reading an indication of an intensity of a component of an inverse Fourier 
transform and wherein said step of comparing comprises recovering private key data 
based on said intensity indication as well as based on said inverse transform. 

39. The method of claim 29 including the step of utilising said private key data for 
decrypting a public key encrypted message. 

40. The method of claim 29 including the step of utilising said private key data for 
accessing a PIN operated device. 

41. The method of claim 31 wherein said step of generating a function comprises deriving 
an array based on said function generation data and, for each element of said array, 
setting an amplitude of an impulse function based on said each element in order to obtain 
a weighted impulse function array, and wherein the step of encrypting comprises dividing 
a Fourier transform representation of said weighted impulse function array by said 
Fourier transform representation of said further information signal. 

42. The method of claim 31 wherein said step of generating a function comprises 
associating a pattern of impulse functions with said function generation data, and wherein 
the step of encrypting comprises dividing a Fourier transform representation of said 
associated pattern of impulse functions by said Fourier transform representation of said 
further information signal. 

43. The method of claim 31 wherein said step of generating a function comprises 
associating a pattern of impulse functions with said function generation data, deriving an 
array based on said function generation data and, for each element of said array, setting 
an amplitude of one impulse function of said pattern of impulse functions based on said 
each element in order to obtain a weighted impulse function pattern, and wherein the step 
of encrypting comprises dividing a Fourier transform representation of said weighted 
impulse function pattern by said Fourier transform representation of said further 
information signal. 